Qodana logo

Qodana

The code quality platform for teams

News

JetBrains Qodana 2023.3: New code quality features

Read this post in other languages:

Our team has been hard at work listening to your feedback and creating new features that can help you enhance code quality and increase compliance. Let’s take a look at what to expect in the latest release, JetBrains Qodana 2023.3.

What’s new for .NET?

EAP launched for Qodana Community linter for .NET

Previously, if you wanted to run the community version of ReSharper’s code analysis outside of an IDE (on your CI/CD server), you’d use InspectCode from ReSharper Command Line Tools.

With this 2023.3 release, we’re launching the Early Access Program (EAP) for the Qodana Community linter for .NET that will replace it!

Why? While Qodana is also based on the same static code analysis engine as ReSharper, it offers several additional benefits. 

With Qodana, you can:

  • View analysis results with a signature sunburst diagram in Qodana Cloud.
  • Quickly assess the project’s overall health.
  • Use the baseline to manage technical debt.

We will not discontinue the ReSharper Command Line Tools for now, but moving forward, the Qodana Community linter for .NET will be the preferred way to run the community version of ReSharper’s analysis outside of an IDE.

Audit dependencies

Paid Qodana linters for .NET now allow you to run third-party license audits and detect vulnerable dependencies, both of which are not included in ReSharper.

The Qodana license audit comprises two levels of capability to help your business keep licenses in check and stay compliant. 

What’s new in the license audit feature in this release?

  1. License Information Collection: Automatically gather and display all license information from project dependencies in the License Audit tab.
  2. License Compliance Checker: Assess license compliance and identify potential legal risks associated with the licenses of dependencies.

To view and download the license audit results, open your project in Qodana Cloud where the inspection was executed and navigate to the License audit tab. 

License Audit Qodana

Then:

  1. Expand the list to see the dependency tree.
  2. Toggle between viewing all licenses or only incompatible ones.
  3. View license rules of compatibility.
  4. Click the Download license list button to download the list of dependencies in MD, XML, HTML, CSV, or an advanced SPDX format.

Available in Qodana Ultimate Plus

Read more about license audits

.NET native mode for .NET Framework

Qodana now runs in a native environment, enabling you to use packages from private NuGet feeds and to analyze projects targeting .NET frameworks on Windows agents. You can run Qodana on the same machine you use to build the distribution. Before you launch the analysis, we recommend building sources by supplying a build command to the `bootstrap:` section of the `qodana.yaml` file. 

Available in all plans

License audit “software bill of materials” (SBOM) export

The SPDX format contains not only a list of dependencies, but also a structure of the project, checksum of libraries, copyrights, and included license text — all included in the software bill of materials (SBOM).

Simply click the Download license list button to retrieve the license audit report. 

Available in Qodana Ultimate Plus

Code coverage for .NET, Go, and Python

Since our 2023.2 release, code coverage has been a well-liked feature for Java, JavaScript, and PHP users. In Qodana 2023.3, we added .NET, Go, and Python to the list of languages you can measure code coverage in. 

In the latest Qodana release, we added inspections that will help you identify if the coverage of a method, class, or file falls below a predefined threshold. The resulting coverage will be calculated and displayed in both the command-line interface (CLI) output and the Qodana Cloud UI.

Inspections are enabled by default and included in both of our inspection profiles, Starter and Recommended. To start seeing test coverage results, simply provide test data.

To utilize this feature, you can either map the directory with coverage reports to the `/data/coverage` directory if you’re using Docker images, or put them into `.qodana/code-coverage` in the root folder of the project you’re analyzing. Tests should be run by developers and store data on execution.

Calculating code coverage requires additional information provided by test frameworks:

  • .NET
    • Access the code coverage framework, Coverlet, to get .NET code coverage.  
  • Python
    • Use coverage.py for executing unit tests and converting results into XML format. 
  • Go
    • Use `% go test –coverprofile=coverage.out` to run unit tests. No additional conversions needed. 

Code coverage documentation

VS Code extension 

We recently announced that you can now expand JetBrains code quality intelligence to your mixed team of developers – using VS Code or many of the most popular JetBrains IDEs. 

Available in all plans

To the VS Code extension

Enhance your search capabilities for vulnerabilities

Qodana can help your team find vulnerable dependencies in projects. But this raises another important question: “Is your code actually using a vulnerable API?”. 

Now we can answer this question not only for Java, Kotlin, and PHP, but also for Go, JS, and Python. This functionality works out of the box for JetBrains Qodana, as well as your JetBrains IDE.

Available in Qodana Ultimate Plus

Fresh updates to your Qodana IDE plugin 

The Qodana team has made design updates to upgrade the UI in the latest version of the Qodana IDE plugin. To avoid confusion when switching between branches, you can now view the analysis results that match your branch in the IDE.

To learn more about our IDE plugin, watch this video by Developer Advocate Anton Arhipov about unlocking code quality with the Qodana IDE plugin. 

Available in all plans. 

Watch video

That’s all for now – but keep in mind that these are only a few of the highlights! Take a look at the release notes for more details, additional features, and the capabilities of Qodana 2023.3 we haven’t included here. 

Talk to the Qodana team about code quality done right

If you have any questions or suggestions – or simply want to learn more about how Qodana can help your team and your business – post a comment here, tag us on X (formerly Twitter) or LinkedIn, or contact us at qodana-support@jetbrains.com.

Happy developing!

Your Qodana team

Free 60-day trial!

image description